Operationally Necessary Cookies
“‘Do what’s best for the job seeker.’ This has been Indeed’s guiding principle since the beginning. One way we put the job seeker first is by keeping their information safe and secure. We always consider the security of our systems as we develop the services that millions of people use every day. But someone will outsmart us. Hackers are always trying out new ways of bypassing security and gaining access to systems and information. Our challenge: to bring these security experts over to our side and benefit from their findings. Our answer to this challenge is, well, money. Actually, money and fame. Indeed offers security testers a legitimate route to reporting their findings, and we award them for their time with cold, hard cash and recognition. Through our bug bounty program we have awarded over 300 submissions in the past year and a half, with payouts as high as $5,000 for the most severe bugs. Our most successful participants (looking at you, Angrylogic, Avlidienbrunn, and Mongo) have earned cash while building their reputations as highly regarded testers for Indeed.”
Prior to our bug bounty program, we occasionally received messages that sounded like blackmail. An anonymous person would contact us, insisting that we pay them, or they would publicly release the details of an unspecified, but totally serious, security bug. These individuals expected payment up front, with no guarantee that they even had a bug to expose. While we’re happy to compensate researchers for helping us improve our services, we didn’t want to encourage this coercive behavior. It felt wrong.
To solve the mutual distrust, we started using Bugcrowd.com as an impartial arbiter. On Bugcrowd, security researchers are more willing to provide evidence up front, giving us the chance to fairly assess the bug’s severity. Indeed can now provide rewards without abuse, and everyone lives happily ever after…
Read the full blog post on Indeed’s Bug Bounty Program.
Empower Your Security Team With a Crowd of White Hat Hackers to Find and Fix Vulnerabilities in Your Code Before the Bad Guys Do.
From Our BlogJuly 22, 2021Points don’t matter; Your skills doJuly 21, 2021The Shocking Truth You May Not Know About Being A Full-Time Bug HunterJuly 20, 2021ZwinK’s Tips and Tricks to Crush Bug Bounty #9 & #10MORE BLOG POSTSNewsJuly 20, 2021Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability DetectionJune 30, 2021Bugcrowd Welcomes New VP Of Customer Experience, Bolstering Company Mission to Provide Exceptional Service Throughout the Customer JourneyJune 8, 2021CISA Selects Bugcrowd and EnDyna to Run Its Vulnerability Disclosure Policy PlatformMORE NEWSEventsTips and Tricks to Penetration Testing: A Layered Security ApproachPen testing is widely known as a key security best practice. In fact, earlier this…Connect With UsVirtual Cyber Security Summit – DC Metro 2021The Eighth Annual DC Metro Cyber Security Summit goes virtual as it connects C-Suite &…Connect With UsVirtual Cyber Security Summit – Silicon Valley 2021The Fourth Annual Silicon Valley Cyber Security Summit goes virtual as it connects C-Suite &…Connect With UsMORE EVENTS
MORE BLOG POSTS
Pen testing is widely known as a key security best practice. In fact, earlier this…
The Eighth Annual DC Metro Cyber Security Summit goes virtual as it connects C-Suite &…
The Fourth Annual Silicon Valley Cyber Security Summit goes virtual as it connects C-Suite &…
Stay current with the latest security trends from Bugcrowd